this post was submitted on 11 Oct 2024
175 points (93.5% liked)

You Should Know

32947 readers
9 users here now

YSK - for all the things that can make your life easier!

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules (interactive)


Rule 1- All posts must begin with YSK.

All posts must begin with YSK. If you're a Mastodon user, then include YSK after @youshouldknow. This is a community to share tips and tricks that will help you improve your life.



Rule 2- Your post body text must include the reason "Why" YSK:

**In your post's text body, you must include the reason "Why" YSK: It’s helpful for readability, and informs readers about the importance of the content. **



Rule 3- Do not seek mental, medical and professional help here.

Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.



Rule 4- No self promotion or upvote-farming of any kind.

That's it.



Rule 5- No baiting or sealioning or promoting an agenda.

Posts and comments which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.



Rule 6- Regarding non-YSK posts.

Provided it is about the community itself, you may post non-YSK posts using the [META] tag on your post title.



Rule 7- You can't harass or disturb other members.

If you harass or discriminate against any individual member, you will be removed.

If you are a member, sympathizer or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people and you were provably vocal about your hate, then you will be banned on sight.

For further explanation, clarification and feedback about this rule, you may follow this link.



Rule 8- All comments should try to stay relevant to their parent content.



Rule 9- Reposts from other platforms are not allowed.

Let everyone have their own content.



Rule 10- The majority of bots aren't allowed to participate here.

Unless included in our Whitelist for Bots, your bot will not be allowed to participate in this community. To have your bot whitelisted, please contact the moderators for a short review.



Partnered Communities:

You can view our partnered communities list by following this link. To partner with our community and be included, you are free to message the moderators or comment on a pinned post.

Community Moderation

For inquiry on becoming a moderator of this community, you may comment on the pinned post of the time, or simply shoot a message to the current moderators.

Credits

Our icon(masterpiece) was made by @clen15!

founded 1 year ago
MODERATORS
 

If you plug a USB drive into Microsoft Windows, in many cases it will try to do things "for you" with the drive. Not a great idea. There could be malware lurking on that USB drive.

There are a couple of things you can do to help mitigate the issue. These tips assume Windows 11.

Turn off Autoplay

  • Open Settings. Press Windows + I to open the Settings app.
  • Go to Bluetooth & devices. In the left sidebar, click on "Bluetooth & devices."
  • Select Autoplay. Scroll down and click on "Autoplay."
  • Turn Off Autoplay. You'll see a toggle switch labeled "Use Autoplay for all media and devices." Turn this off.

This will turn it off completely. You can, if you want, make individual settings for different types of devices.

Deny Execute Access (Pro or Enterprise versions of Windows 11)

  • Open Group Policy Editor. Press Windows + R, type gpedit.msc, and press Enter.
  • Navigate to the Removable Storage Access Policies. Go to Computer Configuration > Administrative Templates > System > Removable Storage Access.
  • Modify Policies. You can enable the policy "Removable Disks: Deny execute access" to prevent execution from removable drives.
  • Apply and Reboot.

Note, there are some cases where you may want to execute scripts or programs from a removable drive. If that's the case, you may not want to do this, or make a note of it so you can re-enable if needed.

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 0 points 2 weeks ago (1 children)

I just checked a freshly installed Windows 11 and the autoplay is off by default.

Were you trying to get upvotes just for the fun of it??

[–] [email protected] -2 points 2 weeks ago (1 children)

First of all I believe you are incorrect.

You're doing a single anecdotal "test" from (I assume) one copy of the installation media. News flash, not all installation images of Windows 11 are the same.

And I will answer your anecdotal evidence with some anecdotal evidence of my own: almost every friend and coworker I've asked about this says Autoplay is on. And when I check Google or ChatGPT, they confirm that a fresh install of Windows 11 will have it on by default. So....I guess everyone else is wrong about this but you're right about every installation of Windows 11.

Secondly, your question ignores the fact that people should probably check to see if it's on. It can get turned on accidentally or even by an update. Microsoft is constantly messing arbitrarily with user preferences and settings with their weekly updates. You do know that, right?

Finally, you posted some version of this same reply multiple times in this thread. Why? Are you just doing that to "get upvotes for fun"?

BTW, there's no karma on lemmy....upvotes don't matter.

It's fine to correct someone, but first do a better job of checking your methodology, and second, don't assume their motivations for trying to share helpful info.

[–] [email protected] 2 points 2 weeks ago (2 children)

I checked two more computers after reading your reply (first time setups) and they all have autoplay off, so I remain skeptical of what you stated.

There are so many trolls and misinformation floating around.

As far as I have seen with those "fresh" installs, your information is not matching the reality here, so I'm moving on to other sources.

[–] [email protected] 1 points 2 weeks ago

This was used as an attack vector more than 15 years ago,I can't believe they re enabled it honestly. There was a virus on my school's pcs which installed itself on the USB keys and people just went home and spread it everywhere without clicking on anything thanks to autoplay. Also "asked to chatgpt" lmao.

[–] [email protected] 5 points 2 weeks ago (1 children)

it could also be regional differences, since your checks are localized to your area, and OP's his area. lots of software updates have incremental regional rollouts so i'm making a guess that that's what's happening, based on responses to this post.

don't automatically assume someone is "farming for points" when they post about something that doesn't immediately apply to you. it may apply to you in the future.

[–] [email protected] 2 points 2 weeks ago

Thank you, this is the sort of thing I was trying to point out. And I love how he ignored all my other points just to focus on this one ISO or installer he's using over and over again to "prove" that he's right.

Funny part is, I never said it was the default in the original post anyway. The whole point is, if it's turned on, you may want to turn it off.

[–] [email protected] 54 points 2 weeks ago (1 children)

Why the fuck is the non execute setting, a principal safety feature, restricted to the pro and ent versions!?

Fuck you Microsoft.

[–] [email protected] 7 points 2 weeks ago (1 children)

There is also a registry hack for this but I have not looked into it or tested it. (And I agree with your sentiments re: Microsoft.)

[–] [email protected] 6 points 2 weeks ago

Registry changes are too confusing for normal computer users. The year of the Windows desktop is a pipe dream held dearly by the utterly deranged.

[–] [email protected] 50 points 2 weeks ago
[–] [email protected] 8 points 2 weeks ago (2 children)

An hour old post about Windows on the Fediverse and no one has said use Linux?

Use Linux.

[–] [email protected] 2 points 2 weeks ago (1 children)

Personally, I'm using Win10 'til it doesn't get security updates anymore.

Then I'll give Linux a go.

[–] [email protected] 1 points 2 weeks ago

I hope it's a positive experience when you do!

[–] [email protected] 6 points 2 weeks ago

...with usbguard installed and configured with a default-deny policy.

[–] [email protected] 14 points 2 weeks ago (3 children)

so one thing that has been driving me nuts is that windows is doing something to my external TB drive to where Ubuntu thinks its corrupt. (I have dual-boot) after googling it, windows sets the drive flag as a "dirty" NTFS system, and Linux no longer reads it afterwards. not sure if there's any solution to fix that, but I'll give these a shot.

[–] [email protected] 1 points 2 weeks ago

Did you try to disable "Fast Startup" ?

By default, Windows does not do a real shutdown anymore. It closes the user session and hibernates, to speed up the following start up. As a consequence, the Windows partition (and EFI partition ?) are not properly unmounted.

[–] [email protected] 1 points 2 weeks ago

If you have Windows, it might be worth getting it to run Scandisk - or whatever the current equivalent is - on that drive.

That would at least give it less excuse to set problematic bits. In theory there'd be no harm doing this. In practice, well, make sure you have other copies of whatever is on that drive on the off-chance Windows constantly setting that bit is a sign of an underlying problem that Scandisk would make worse (or Windows/the disk decides to mangle files for some other reason.)

[–] [email protected] 5 points 2 weeks ago* (last edited 2 weeks ago)

You can use ntfsfix on the drive to do a check and remove dirty bit. This isn’t a full check though, and could mask or hide actual issues with the drive if it’s failing.

There’s also chkntfs which is more robust but I’m not sure if that’s open source and I’m not familiar with it.

Using ntfsfix is a good quick fix in my experience, but at the end of the day, NTFS is a Microsoft exclusive format and shared disks should be mounted in a format that both OSes can use, like exFAT, or Btrfs with the WinBtrfs driver (the latter I’m not familiar with, I’ve always used exFAT for shared disks, but I don’t use Windows anymore).

[–] [email protected] 22 points 2 weeks ago (1 children)

Some malicious USB drives have a capacitor that will discharge and fry your whole system. Unless you have an air-gap system that you don't care about, unknown USB drives should be disposed of.

Oh, and all this and more can be accomplished with a sneaky charging cable too. So you have to dial in your level of paranoia to suit your situation. The person most likely to tamper with your computer is a spouse. Search and chat histories as well as GPS devices are becoming common in divorce cases.

load more comments
view more: next ›